PhpMyAdmin - Unauthenticated Access

By kannthu

High
Vidoc Module
#misconfig#phpmyadmin#unauth
Description

What is the "PhpMyAdmin - Unauthenticated Access" module?

The "PhpMyAdmin - Unauthenticated Access" module detects phpMyAdmin instances whose dashboard can be reached without logging in. phpMyAdmin is a widely deployed web front end for administering MySQL and MariaDB servers; an instance that renders its server dashboard to an anonymous visitor hands that administrative interface to anyone who can reach the web server.

The module carries a severity of high: a positive match means the database administration interface is exposed without credentials, not merely that phpMyAdmin is present.

Impact

If the phpMyAdmin dashboard is reachable without authentication, anyone who can reach the web server can issue arbitrary SQL through the interface as whatever MySQL account phpMyAdmin is configured to use. That allows reading and modifying data, creating or dropping databases and, depending on that account's privileges, taking full control of the database server. The usual causes are a config-mode login ($cfg['Servers'][$i]['auth_type'] = 'config' with credentials stored in config.inc.php) or a MySQL account with an empty password combined with AllowNoPassword; either way the fix is to require interactive authentication (cookie or http auth_type), remove the stored credentials, and restrict network access to the interface.

How does the module work?

The "PhpMyAdmin - Unauthenticated Access" module sends an HTTP GET request to the phpMyAdmin entry point (index.php) on the target and evaluates the response against four matching conditions, all of which must hold. It checks that the response contains the file names of the server-level dashboard pages, "server_sql.php", "server_status.php", "server_variables.php" and "server_databases.php"; these links appear in the top menu only once a session is established, so their presence in the reply to an unauthenticated request means the dashboard was rendered without credentials. It also requires a "Set-Cookie: phpMyAdmin=" header, a "text/html" content type and an HTTP 200 status. Those last three conditions identify the application rather than the exposure: the phpMyAdmin login page also returns a 200 text/html response and sets the phpMyAdmin session cookie, so the dashboard file names are the condition that actually separates an open instance from a normal login prompt. Note that the file names are the entry points used by phpMyAdmin 4.x; phpMyAdmin 5 routes its pages through index.php?route=/server/status and similar URLs, so an open instance of a newer release may not satisfy the body condition and would be missed by this check.

Here is an example of an HTTP request used by the module:

GET /index.php HTTP/1.1
Host: [Hostname]

The module evaluates all of the matching conditions against the response and reports a vulnerability only when every one of them is satisfied.
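The matching logic described above, written out as an added example in Python so the AND-combination of the conditions can be exercised against sample responses. This is not Vidoc's own code; it assumes the word matchers are evaluated over the full raw response (headers and body), and the two HTTP responses embedded below are constructed for the example rather than captured from a real host. The login-page sample shows why the cookie, content type and status alone do not constitute a match.

```python
import re
from dataclasses import dataclass

# Matching conditions of the module as described on the page. All four are
# combined with AND: every condition must hold before a hit is reported.
DASHBOARD_WORDS = (
    "server_sql.php",
    "server_status.php",
    "server_variables.php",
    "server_databases.php",
)
COOKIE_WORD = "Set-Cookie: phpMyAdmin="
CONTENT_TYPE_WORD = "text/html"
EXPECTED_STATUS = 200


@dataclass
class RawResponse:
    """A parsed HTTP/1.1 response: status code, header block, body."""
    status: int
    headers: str
    body: str

    @property
    def full_text(self) -> str:
        # Assumption: word matchers run over headers AND body. The cookie and
        # content-type strings live in the headers, the dashboard file names
        # in the body. Matching is case-sensitive, like a plain word matcher.
        return self.headers + "\r\n\r\n" + self.body


def parse_raw_response(raw: bytes) -> RawResponse:
    """Split a raw HTTP response into status code, header block and body."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split("\r\n")
    m = re.match(r"HTTP/\d\.\d (\d{3})", lines[0])
    if not m:
        raise ValueError(f"not an HTTP status line: {lines[0]!r}")
    return RawResponse(
        status=int(m.group(1)),
        headers="\r\n".join(lines[1:]),
        body=body.decode("utf-8", "replace"),
    )


def matches_unauth_phpmyadmin(resp: RawResponse) -> dict:
    """Evaluate each matcher separately and AND them into 'hit'."""
    text = resp.full_text
    results = {
        "dashboard_words": all(w in text for w in DASHBOARD_WORDS),
        "phpmyadmin_cookie": COOKIE_WORD in text,
        "text_html": CONTENT_TYPE_WORD in text,
        "status_200": resp.status == EXPECTED_STATUS,
    }
    results["hit"] = all(results.values())
    return results


# Constructed sample: a phpMyAdmin 4.x server dashboard rendered to an
# anonymous visitor (hypothetical content, not captured from a real host).
DASHBOARD_RAW = (
    b"HTTP/1.1 200 OK\r\n"
    b"Content-Type: text/html; charset=utf-8\r\n"
    b"Set-Cookie: phpMyAdmin=0123456789abcdef; path=/; HttpOnly\r\n"
    b"\r\n"
    b"<html><body><ul id=\"topmenu\">"
    b"<li><a href=\"server_databases.php\">Databases</a></li>"
    b"<li><a href=\"server_sql.php\">SQL</a></li>"
    b"<li><a href=\"server_status.php\">Status</a></li>"
    b"<li><a href=\"server_variables.php\">Variables</a></li>"
    b"</ul></body></html>"
)

# Constructed sample: the ordinary login prompt. Same status, content type
# and session cookie, but no dashboard links, so it must NOT match.
LOGIN_RAW = (
    b"HTTP/1.1 200 OK\r\n"
    b"Content-Type: text/html; charset=utf-8\r\n"
    b"Set-Cookie: phpMyAdmin=fedcba9876543210; path=/; HttpOnly\r\n"
    b"\r\n"
    b"<html><body><form id=\"login_form\" action=\"index.php\">"
    b"<input name=\"pma_username\">"
    b"<input name=\"pma_password\" type=\"password\">"
    b"</form></body></html>"
)

DASHBOARD = parse_raw_response(DASHBOARD_RAW)
LOGIN_PAGE = parse_raw_response(LOGIN_RAW)


if __name__ == "__main__":
    for name, resp in (("dashboard", DASHBOARD), ("login page", LOGIN_PAGE)):
        r = matches_unauth_phpmyadmin(resp)
        print(f"{name}: hit={r['hit']} {r}")
```

In real use the bytes handed to parse_raw_response would come from the GET /index.php request shown above; the per-condition dictionary is what to look at when triaging a near miss, since a response that satisfies everything except dashboard_words is almost always a login page (or a phpMyAdmin 5 instance whose menu uses route URLs).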

For more information about the "PhpMyAdmin - Unauthenticated Access" module, please refer to the original author's documentation.

Module preview

Concurrent Requests (1)
1. HTTP Request template
   Raw request: the GET /index.php request shown above
   Matching conditions (all must hold):
     word: server_sql.php, server_status.php, serve... (AND)
     word: Set-Cookie: phpMyAdmin= (AND)
     word: text/html (AND)
     status: 200
Passive global matcher: no matching conditions.
On match action: Report vulnerability